use tor_assert and PUBLIC_KEY_OK

but don't use tor_assert inside log.c, to avoid loops svn:r1696
2024-09-21 13:34:59 +02:00 · 2004-04-25 19:59:38 +00:00 · 2004-04-25 19:59:38 +00:00 · 37192bd25e
commit 37192bd25e
parent e062ca046b
3 changed files with 97 additions and 96 deletions
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@ -80,7 +80,7 @@ crypto_get_rsa_padding_overhead(int padding) {
    case RSA_NO_PADDING: return 0;
    case RSA_PKCS1_OAEP_PADDING: return 42;
    case RSA_PKCS1_PADDING: return 11;
-    default: assert(0); return -1;
+    default: tor_assert(0); return -1;
    }
 }
@ -91,7 +91,7 @@ crypto_get_rsa_padding(int padding) {
    case PK_NO_PADDING: return RSA_NO_PADDING;
    case PK_PKCS1_PADDING: return RSA_PKCS1_PADDING;
    case PK_PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING;
-    default: assert(0); return -1;
+    default: tor_assert(0); return -1;
    }
 }
@ -116,7 +116,7 @@ int crypto_global_cleanup()
 crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa)
 {
  crypto_pk_env_t *env;
-  assert(rsa);
+  tor_assert(rsa);
  env = tor_malloc(sizeof(crypto_pk_env_t));
  env->refs = 1;
  env->key = rsa;
@ -134,7 +134,7 @@ EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env, int private)
 {
  RSA *key = NULL;
  EVP_PKEY *pkey = NULL;
-  assert(env->key);
+  tor_assert(env->key);
  if (private) {
    if (!(key = RSAPrivateKey_dup(env->key)))
      goto error;
@ -171,7 +171,7 @@ crypto_pk_env_t *crypto_new_pk_env(void)
 void crypto_free_pk_env(crypto_pk_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
  if(--env->refs > 0)
    return;
@ -236,9 +236,9 @@ crypto_cipher_env_t *crypto_new_cipher_env()
 void crypto_free_cipher_env(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
-  assert(env->cipher);
+  tor_assert(env->cipher);
  aes_free_cipher(env->cipher);
  tor_free(env);
 }
@ -246,7 +246,7 @@ void crypto_free_cipher_env(crypto_cipher_env_t *env)
 /* public key crypto */
 int crypto_pk_generate_key(crypto_pk_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
  if (env->key)
    RSA_free(env->key);
@ -259,7 +259,7 @@ int crypto_pk_generate_key(crypto_pk_env_t *env)
 int crypto_pk_read_private_key_from_file(crypto_pk_env_t *env, FILE *src)
 {
-  assert(env && src);
+  tor_assert(env && src);
  if (env->key)
    RSA_free(env->key);
@ -274,7 +274,7 @@ int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *k
 {
  FILE *f_pr;
-  assert(env && keyfile);
+  tor_assert(env && keyfile);
  if(strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) != strlen(keyfile)) {
    /* filename contains nonlegal characters */
@ -309,7 +309,7 @@ int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *k
 int crypto_pk_read_public_key_from_file(crypto_pk_env_t *env, FILE *src)
 {
-  assert(env && src);
+  tor_assert(env && src);
  if(env->key)
    RSA_free(env->key);
@ -324,7 +324,7 @@ int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, int
  BUF_MEM *buf;
  BIO *b;
-  assert(env && env->key && dest);
+  tor_assert(env && env->key && dest);
  b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
@ -350,7 +350,7 @@ int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, int
 int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src, int len) {
  BIO *b;
-  assert(env && src);
+  tor_assert(env && src);
  b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
@ -376,7 +376,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
  char *s;
  int r;
-  assert(PRIVATE_KEY_OK(env));
+  tor_assert(PRIVATE_KEY_OK(env));
  if (!(bio = BIO_new(BIO_s_mem())))
    return -1;
@ -397,7 +397,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
 int crypto_pk_write_private_key_to_file(crypto_pk_env_t *env, FILE *dest)
 {
-  assert(env && dest);
+  tor_assert(env && dest);
  if (!env->key)
    return -1;
@ -408,7 +408,7 @@ int crypto_pk_write_private_key_to_file(crypto_pk_env_t *env, FILE *dest)
 }
 int crypto_pk_write_public_key_to_file(crypto_pk_env_t *env, FILE *dest)
 {
-  assert(env && dest);
+  tor_assert(env && dest);
  if (!env->key)
    return -1;
@ -420,7 +420,7 @@ int crypto_pk_write_public_key_to_file(crypto_pk_env_t *env, FILE *dest)
 int crypto_pk_check_key(crypto_pk_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
  return RSA_check_key(env->key);
 }
@ -434,7 +434,8 @@ int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b) {
  if (!a->key || !b->key)
    return -1;
-  assert((a->key)->n && (a->key)->e && (b->key)->n && (b->key)->e);
+  tor_assert(PUBLIC_KEY_OK(a));
  tor_assert(PUBLIC_KEY_OK(b));
  result = BN_cmp((a->key)->n, (b->key)->n);
  if (result)
    return result;
@ -444,13 +445,13 @@ int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b) {
 /* return the size of the public key modulus in 'env', in bytes. */
 int crypto_pk_keysize(crypto_pk_env_t *env)
 {
-  assert(env && env->key);
+  tor_assert(env && env->key);
  return RSA_size(env->key);
 }
 crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *env) {
-  assert(env && env->key);
+  tor_assert(env && env->key);
  env->refs++;
  return env;
@ -458,7 +459,7 @@ crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *env) {
 int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
  return RSA_public_encrypt(fromlen, (unsigned char*)from, to, env->key,
                            crypto_get_rsa_padding(padding));
@ -466,7 +467,7 @@ int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, in
 int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding)
 {
-  assert(env && from && to && env->key);
+  tor_assert(env && from && to && env->key);
  if (!env->key->p)
    /* Not a private key */
    return -1;
@ -477,13 +478,13 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, i
 int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
  return RSA_public_decrypt(fromlen, (unsigned char*)from, to, env->key, RSA_PKCS1_PADDING);
 }
 int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
  if (!env->key->p)
    /* Not a private key */
    return -1;
@ -499,7 +500,7 @@ int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *
  char buf[PK_BYTES+1];
  int r;
-  assert(env && data && sig);
+  tor_assert(env && data && sig);
  if (crypto_digest(data,datalen,digest)<0) {
    log_fn(LOG_WARN, "couldn't compute digest");
@ -557,7 +558,7 @@ int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
  crypto_cipher_env_t *cipher = NULL;
  char buf[PK_BYTES+1];
-  assert(env && from && to);
+  tor_assert(env && from && to);
  overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
  pkeylen = crypto_pk_keysize(env);
@ -748,8 +749,8 @@ crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out)
    }
  }
  *bufp = '\0';
-  assert(strlen(buf) == FINGERPRINT_LEN);
+  tor_assert(strlen(buf) == FINGERPRINT_LEN);
-  assert(crypto_pk_check_fingerprint_syntax(buf));
+  tor_assert(crypto_pk_check_fingerprint_syntax(buf));
  strcpy(fp_out, buf);
  return 0;
 }
@ -772,14 +773,14 @@ crypto_pk_check_fingerprint_syntax(const char *s)
 /* symmetric crypto */
 int crypto_cipher_generate_key(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
  return crypto_rand(CIPHER_KEY_LEN, env->key);
 }
 int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv)
 {
-  assert(env && (CIPHER_IV_LEN==0 || iv));
+  tor_assert(env && (CIPHER_IV_LEN==0 || iv));
  if (!CIPHER_IV_LEN)
    return 0;
@ -794,7 +795,7 @@ int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv)
 int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key)
 {
-  assert(env && key);
+  tor_assert(env && key);
  if (!env->key)
    return -1;
@ -811,7 +812,7 @@ const unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env)
 int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
  aes_set_key(env->cipher, env->key, CIPHER_KEY_LEN*8);
  return 0;
@ -819,7 +820,7 @@ int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
 int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
  aes_set_key(env->cipher, env->key, CIPHER_KEY_LEN*8);
  return 0;
@ -827,7 +828,7 @@ int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
 int crypto_cipher_encrypt(crypto_cipher_env_t *env, const unsigned char *from, unsigned int fromlen, unsigned char *to)
 {
-  assert(env && env->cipher && from && fromlen && to);
+  tor_assert(env && env->cipher && from && fromlen && to);
  aes_crypt(env->cipher, from, fromlen, to);
  return 0;
@ -835,7 +836,7 @@ int crypto_cipher_encrypt(crypto_cipher_env_t *env, const unsigned char *from, u
 int crypto_cipher_decrypt(crypto_cipher_env_t *env, const unsigned char *from, unsigned int fromlen, unsigned char *to)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
  aes_crypt(env->cipher, from, fromlen, to);
  return 0;
@ -857,7 +858,7 @@ crypto_cipher_advance(crypto_cipher_env_t *env, long delta)
 /* SHA-1 */
 int crypto_digest(const unsigned char *m, int len, unsigned char *digest)
 {
-  assert(m && digest);
+  tor_assert(m && digest);
  return (SHA1(m,len,digest) == NULL);
 }
@ -883,8 +884,8 @@ void
 crypto_digest_add_bytes(crypto_digest_env_t *digest, const char *data,
                        size_t len)
 {
-  assert(digest);
+  tor_assert(digest);
-  assert(data);
+  tor_assert(data);
  SHA1_Update(&digest->d, (void*)data, len);
 }
@ -892,8 +893,8 @@ void crypto_digest_get_digest(crypto_digest_env_t *digest,
                              char *out, size_t out_len)
 {
  static char r[DIGEST_LEN];
-  assert(digest && out);
+  tor_assert(digest && out);
-  assert(out_len <= DIGEST_LEN);
+  tor_assert(out_len <= DIGEST_LEN);
  SHA1_Final(r, &digest->d);
  memcpy(out, r, out_len);
 }
@ -902,7 +903,7 @@ crypto_digest_env_t *
 crypto_digest_dup(const crypto_digest_env_t *digest)
 {
  crypto_digest_env_t *r;
-  assert(digest);
+  tor_assert(digest);
  r = tor_malloc(sizeof(crypto_digest_env_t));
  memcpy(r,digest,sizeof(crypto_digest_env_t));
  return r;
@ -912,7 +913,7 @@ void
 crypto_digest_assign(crypto_digest_env_t *into,
                     const crypto_digest_env_t *from)
 {
-  assert(into && from);
+  tor_assert(into && from);
  memcpy(into,from,sizeof(crypto_digest_env_t));
 }
@ -928,7 +929,7 @@ static void init_dh_param() {
  p = BN_new();
  g = BN_new();
-  assert(p && g);
+  tor_assert(p && g);
 #if 0
  /* This is from draft-ietf-ipsec-ike-modp-groups-05.txt.  It's a safe
@ -957,10 +958,10 @@ static void init_dh_param() {
                "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
                "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
                "49286651ECE65381FFFFFFFFFFFFFFFF");
-  assert(r);
+  tor_assert(r);
  r = BN_set_word(g, 2);
-  assert(r);
+  tor_assert(r);
  dh_param_p = p;
  dh_param_g = g;
 }
@ -992,7 +993,7 @@ crypto_dh_env_t *crypto_dh_new()
 }
 int crypto_dh_get_bytes(crypto_dh_env_t *dh)
 {
-  assert(dh);
+  tor_assert(dh);
  return DH_size(dh->dh);
 }
 int crypto_dh_generate_public(crypto_dh_env_t *dh)
@ -1004,13 +1005,13 @@ int crypto_dh_generate_public(crypto_dh_env_t *dh)
 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, int pubkey_len)
 {
  int bytes;
-  assert(dh);
+  tor_assert(dh);
  if (!dh->dh->pub_key) {
    if (!DH_generate_key(dh->dh))
      return -1;
  }
-  assert(dh->dh->pub_key);
+  tor_assert(dh->dh->pub_key);
  bytes = BN_num_bytes(dh->dh->pub_key);
  if (pubkey_len < bytes)
    return -1;
@ -1032,8 +1033,8 @@ int crypto_dh_compute_secret(crypto_dh_env_t *dh,
  BIGNUM *pubkey_bn = NULL;
  int secret_len;
  int i;
-  assert(dh);
+  tor_assert(dh);
-  assert(secret_bytes_out/DIGEST_LEN <= 255);
+  tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
  if (!(pubkey_bn = BN_bin2bn(pubkey, pubkey_len, NULL)))
    goto error;
@ -1059,7 +1060,7 @@ int crypto_dh_compute_secret(crypto_dh_env_t *dh,
 }
 void crypto_dh_free(crypto_dh_env_t *dh)
 {
-  assert(dh && dh->dh);
+  tor_assert(dh && dh->dh);
  DH_free(dh->dh);
  free(dh);
 }
@ -1128,13 +1129,13 @@ int crypto_seed_rng()
 int crypto_rand(unsigned int n, unsigned char *to)
 {
-  assert(to);
+  tor_assert(to);
  return (RAND_bytes(to, n) != 1);
 }
 void crypto_pseudo_rand(unsigned int n, unsigned char *to)
 {
-  assert(to);
+  tor_assert(to);
  if (RAND_pseudo_bytes(to, n) == -1) {
    log_fn(LOG_ERR, "RAND_pseudo_bytes failed unexpectedly.");
    exit(1);
@ -1145,8 +1146,8 @@ void crypto_pseudo_rand(unsigned int n, unsigned char *to)
 int crypto_pseudo_rand_int(unsigned int max) {
  unsigned int val;
  unsigned int cutoff;
-  assert(max < UINT_MAX);
+  tor_assert(max < UINT_MAX);
-  assert(max > 0); /* don't div by 0 */
+  tor_assert(max > 0); /* don't div by 0 */
  /* We ignore any values that are >= 'cutoff,' to avoid biasing the
   * distribution with clipping at the upper end of unsigned int's
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@ -153,7 +153,7 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa,
  start_time = time(NULL);
-  assert(rsa && cname && rsa_sign && cname_sign);
+  tor_assert(rsa && cname && rsa_sign && cname_sign);
  if (!(sign_pkey = _crypto_pk_env_get_evp_pkey(rsa_sign,1)))
    goto error;
  if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,0)))
@ -286,7 +286,7 @@ tor_tls_context_new(crypto_pk_env_t *identity,
    goto error;
  SSL_CTX_set_session_cache_mode(result->ctx, SSL_SESS_CACHE_OFF);
  if (isServer) {
-    assert(rsa);
+    tor_assert(rsa);
    if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,1)))
      goto error;
    if (!SSL_CTX_use_PrivateKey(result->ctx, pkey))
@ -338,7 +338,7 @@ tor_tls *
 tor_tls_new(int sock, int isServer)
 {
  tor_tls *result = tor_malloc(sizeof(tor_tls));
-  assert(global_tls_context); /* make sure somebody made it first */
+  tor_assert(global_tls_context); /* make sure somebody made it first */
  if (!(result->ssl = SSL_new(global_tls_context->ctx)))
    return NULL;
  result->socket = sock;
@ -368,8 +368,8 @@ int
 tor_tls_read(tor_tls *tls, char *cp, int len)
 {
  int r, err;
-  assert(tls && tls->ssl);
+  tor_assert(tls && tls->ssl);
-  assert(tls->state == TOR_TLS_ST_OPEN);
+  tor_assert(tls->state == TOR_TLS_ST_OPEN);
  r = SSL_read(tls->ssl, cp, len);
  if (r > 0)
    return r;
@ -378,7 +378,7 @@ tor_tls_read(tor_tls *tls, char *cp, int len)
    tls->state = TOR_TLS_ST_CLOSED;
    return TOR_TLS_CLOSE;
  } else {
-    assert(err != TOR_TLS_DONE);
+    tor_assert(err != TOR_TLS_DONE);
    return err;
  }
 }
@ -392,13 +392,13 @@ int
 tor_tls_write(tor_tls *tls, char *cp, int n)
 {
  int r, err;
-  assert(tls && tls->ssl);
+  tor_assert(tls && tls->ssl);
-  assert(tls->state == TOR_TLS_ST_OPEN);
+  tor_assert(tls->state == TOR_TLS_ST_OPEN);
  if (n == 0)
    return 0;
  if(tls->wantwrite_n) {
    /* if WANTWRITE last time, we must use the _same_ n as before */
-    assert(n >= tls->wantwrite_n);
+    tor_assert(n >= tls->wantwrite_n);
    log_fn(LOG_DEBUG,"resuming pending-write, (%d to flush, reusing %d)",
           n, tls->wantwrite_n);
    n = tls->wantwrite_n;
@ -424,8 +424,8 @@ int
 tor_tls_handshake(tor_tls *tls)
 {
  int r;
-  assert(tls && tls->ssl);
+  tor_assert(tls && tls->ssl);
-  assert(tls->state == TOR_TLS_ST_HANDSHAKE);
+  tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE);
  if (tls->isServer) {
    r = SSL_accept(tls->ssl);
  } else {
@ -447,7 +447,7 @@ tor_tls_shutdown(tor_tls *tls)
 {
  int r, err;
  char buf[128];
-  assert(tls && tls->ssl);
+  tor_assert(tls && tls->ssl);
  while (1) {
    if (tls->state == TOR_TLS_ST_SENTCLOSE) {
@ -593,19 +593,19 @@ tor_tls_verify(tor_tls *tls, crypto_pk_env_t *identity_key)
 int
 tor_tls_get_pending_bytes(tor_tls *tls)
 {
-  assert(tls);
+  tor_assert(tls);
  return SSL_pending(tls->ssl);
 }
 /* Return the number of bytes read across the underlying socket. */
 unsigned long tor_tls_get_n_bytes_read(tor_tls *tls)
 {
-  assert(tls);
+  tor_assert(tls);
  return BIO_number_read(SSL_get_rbio(tls->ssl));
 }
 unsigned long tor_tls_get_n_bytes_written(tor_tls *tls)
 {
-  assert(tls);
+  tor_assert(tls);
  return BIO_number_written(SSL_get_wbio(tls->ssl));
 }
--- a/src/common/util.c
+++ b/src/common/util.c
@ -105,7 +105,7 @@ void *tor_realloc(void *ptr, size_t size) {
 char *tor_strdup(const char *s) {
  char *dup;
-  assert(s);
+  tor_assert(s);
  dup = strdup(s);
  if(!dup) {
@ -117,7 +117,7 @@ char *tor_strdup(const char *s) {
 char *tor_strndup(const char *s, size_t n) {
  char *dup;
-  assert(s);
+  tor_assert(s);
  dup = tor_malloc(n+1);
  strncpy(dup, s, n);
  dup[n] = 0;
@ -160,7 +160,7 @@ void hex_encode(const char *from, int fromlen, char *to)
 {
  const unsigned char *fp = from;
  static const char TABLE[] = "0123456789abcdef";
-  assert(from && fromlen>=0 && to);
+  tor_assert(from && fromlen>=0 && to);
  while (fromlen--) {
    *to++ = TABLE[*fp >> 4];
    *to++ = TABLE[*fp & 7];
@ -222,7 +222,7 @@ void smartlist_clear(smartlist_t *sl) {
 void smartlist_truncate(smartlist_t *sl, int len)
 {
-  assert(len <= sl->num_used);
+  tor_assert(len <= sl->num_used);
  sl->num_used = len;
 }
@ -293,13 +293,13 @@ void *smartlist_choose(const smartlist_t *sl) {
 void *smartlist_get(const smartlist_t *sl, int idx)
 {
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
  return sl->list[idx];
 }
 void *smartlist_set(smartlist_t *sl, int idx, void *val)
 {
  void *old;
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
  old = sl->list[idx];
  sl->list[idx] = val;
  return old;
@ -307,7 +307,7 @@ void *smartlist_set(smartlist_t *sl, int idx, void *val)
 void *smartlist_del(smartlist_t *sl, int idx)
 {
  void *old;
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
  old = sl->list[idx];
  sl->list[idx] = sl->list[--sl->num_used];
  return old;
@ -315,7 +315,7 @@ void *smartlist_del(smartlist_t *sl, int idx)
 void *smartlist_del_keeporder(smartlist_t *sl, int idx)
 {
  void *old;
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
  old = sl->list[idx];
  --sl->num_used;
  if (idx < sl->num_used)
@ -328,7 +328,7 @@ int smartlist_len(const smartlist_t *sl)
 }
 void smartlist_insert(smartlist_t *sl, int idx, void *val)
 {
-  assert(sl && idx >= 0 && idx <= sl->num_used);
+  tor_assert(sl && idx >= 0 && idx <= sl->num_used);
  if (idx == sl->num_used) {
    smartlist_add(sl, val);
  } else {
@ -388,7 +388,7 @@ void* strmap_set(strmap_t *map, const char *key, void *val)
  strmap_entry_t *resolve;
  strmap_entry_t search;
  void *oldval;
-  assert(map && key && val);
+  tor_assert(map && key && val);
  search.key = (char*)key;
  resolve = SPLAY_FIND(strmap_tree, &map->head, &search);
  if (resolve) {
@ -411,7 +411,7 @@ void* strmap_get(strmap_t *map, const char *key)
 {
  strmap_entry_t *resolve;
  strmap_entry_t search;
-  assert(map && key);
+  tor_assert(map && key);
  search.key = (char*)key;
  resolve = SPLAY_FIND(strmap_tree, &map->head, &search);
  if (resolve) {
@ -432,7 +432,7 @@ void* strmap_remove(strmap_t *map, const char *key)
  strmap_entry_t *resolve;
  strmap_entry_t search;
  void *oldval;
-  assert(map && key);
+  tor_assert(map && key);
  search.key = (char*)key;
  resolve = SPLAY_FIND(strmap_tree, &map->head, &search);
  if (resolve) {
@ -510,7 +510,7 @@ void strmap_foreach(strmap_t *map,
                    void *data)
 {
  strmap_entry_t *ptr, *next;
-  assert(map && fn);
+  tor_assert(map && fn);
  for (ptr = SPLAY_MIN(strmap_tree, &map->head); ptr != NULL; ptr = next) {
    /* This remove-in-place usage is specifically blessed in tree(3). */
    next = SPLAY_NEXT(strmap_tree, &map->head, ptr);
@ -549,14 +549,14 @@ void strmap_foreach(strmap_t *map,
 */
 strmap_iter_t *strmap_iter_init(strmap_t *map)
 {
-  assert(map);
+  tor_assert(map);
  return SPLAY_MIN(strmap_tree, &map->head);
 }
 /* Advance the iterator 'iter' for map a single step to the next entry.
 */
 strmap_iter_t *strmap_iter_next(strmap_t *map, strmap_iter_t *iter)
 {
-  assert(map && iter);
+  tor_assert(map && iter);
  return SPLAY_NEXT(strmap_tree, &map->head, iter);
 }
 /* Advance the iterator 'iter' a single step to the next entry, removing
@ -565,7 +565,7 @@ strmap_iter_t *strmap_iter_next(strmap_t *map, strmap_iter_t *iter)
 strmap_iter_t *strmap_iter_next_rmv(strmap_t *map, strmap_iter_t *iter)
 {
  strmap_iter_t *next;
-  assert(map && iter);
+  tor_assert(map && iter);
  next = SPLAY_NEXT(strmap_tree, &map->head, iter);
  SPLAY_REMOVE(strmap_tree, &map->head, iter);
  tor_free(iter->key);
@ -576,7 +576,7 @@ strmap_iter_t *strmap_iter_next_rmv(strmap_t *map, strmap_iter_t *iter)
 */
 void strmap_iter_get(strmap_iter_t *iter, const char **keyp, void **valp)
 {
-  assert(iter && keyp && valp);
+  tor_assert(iter && keyp && valp);
  *keyp = iter->key;
  *valp = iter->val;
 }
@ -599,7 +599,7 @@ void strmap_free(strmap_t *map, void (*free_val)(void*))
    if (free_val)
      tor_free(ent->val);
  }
-  assert(SPLAY_EMPTY(&map->head));
+  tor_assert(SPLAY_EMPTY(&map->head));
  tor_free(map);
 }
@ -609,7 +609,7 @@ void strmap_free(strmap_t *map, void (*free_val)(void*))
 /* return the first char of s that is not whitespace and not a comment */
 const char *eat_whitespace(const char *s) {
-  assert(s);
+  tor_assert(s);
  while(isspace((int)*s) || *s == '#') {
    while(isspace((int)*s))
@ -632,7 +632,7 @@ const char *eat_whitespace_no_nl(const char *s) {
 /* return the first char of s that is whitespace or '#' or '\0 */
 const char *find_whitespace(const char *s) {
-  assert(s);
+  tor_assert(s);
  while(*s && !isspace((int)*s) && *s != '#')
    s++;
@ -722,8 +722,8 @@ time_t tor_timegm (struct tm *tm) {
  unsigned long year, days, hours, minutes;
  int i;
  year = tm->tm_year + 1900;
-  assert(year >= 1970);
+  tor_assert(year >= 1970);
-  assert(tm->tm_mon >= 0 && tm->tm_mon <= 11);
+  tor_assert(tm->tm_mon >= 0 && tm->tm_mon <= 11);
  days = 365 * (year-1970) + n_leapdays(1970,year);
  for (i = 0; i < tm->tm_mon; ++i)
    days += days_per_month[i];
@ -812,7 +812,7 @@ int spawn_func(int (*func)(void *), void *data)
  if (pid==0) {
    /* Child */
    func(data);
-    assert(0); /* Should never reach here. */
+    tor_assert(0); /* Should never reach here. */
    return 0; /* suppress "control-reaches-end-of-non-void" warning. */
  } else {
    /* Parent */
@ -941,7 +941,7 @@ tor_socketpair(int family, int type, int protocol, int fd[2])
 int correct_socket_errno(int s)
 {
  int optval, optvallen=sizeof(optval);
-  assert(errno == WSAEWOULDBLOCK);
+  tor_assert(errno == WSAEWOULDBLOCK);
  if (getsockopt(s, SOL_SOCKET, SO_ERROR, (void*)&optval, &optvallen))
    return errno;
  if (optval)
@ -1065,7 +1065,7 @@ char *read_file_to_str(const char *filename) {
  struct stat statbuf;
  char *string;
-  assert(filename);
+  tor_assert(filename);
  if(strcspn(filename,CONFIG_LEGAL_FILENAME_CHARACTERS) != 0) {
    log_fn(LOG_WARN,"Filename %s contains illegal characters.",filename);
@ -1352,7 +1352,7 @@ int tor_inet_aton(const char *c, struct in_addr* addr)
  return inet_aton(c, addr);
 #else
  uint32_t r;
-  assert(c && addr);
+  tor_assert(c && addr);
  if (strcmp(c, "255.255.255.255") == 0) {
    addr->s_addr = 0xFFFFFFFFu;
    return 1;